chore: Synced file(s) with googleworkspace/.github

[googleworkspace-bot]

Synced local file(s) with googleworkspace/.github.

Changed files

• Created local .github/CODEOWNERS from remote sync-files/defaults/.github/CODEOWNERS
• Created local SECURITY.md from remote SECURITY.md
• Created local directory .gemini/ and copied all sub files/folders from remote directory sync-files/defaults/.gemini/
• Created local .vscode/extensions.json from remote sync-files/defaults/.vscode/extensions.json

---

This PR was created automatically by the repo-file-sync-action workflow run #24672694193

[gemini-code-assist]

Summary of Changes

Hello @googleworkspace-bot, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request automates the synchronization of essential configuration files from a central Google Workspace repository. The primary goal is to ensure consistency across projects by adding standardized CODEOWNERS, security reporting guidelines, and recommended VS Code extensions, thereby streamlining development workflows and security practices.

Highlights

• New Configuration Files: Introduced several new configuration files, including ".github/CODEOWNERS", "SECURITY.md", and ".vscode/extensions.json", to standardize repository settings.
• Automated Sync: These changes were automatically synced from the "googleworkspace/.github" repository using the "repo-file-sync-action".
• Security Reporting: Added a "SECURITY.md" file detailing the process for reporting security vulnerabilities via "https://g.co/vulnz".
• VS Code Recommendations: Included a ".vscode/extensions.json" file to recommend the "google-workspace.google-workspace-developer-tools" extension for VS Code users.

Ignored Files

• Ignored by pattern: .gemini/** (3)
  • .gemini/GEMINI.md
  • .gemini/config.yaml
  • .gemini/settings.json

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request, generated automatically, synchronizes several repository configuration files. My review focuses on improving the completeness and clarity of these new files. I've suggested adding default owners to the CODEOWNERS file to ensure all future changes are reviewed. I've also proposed a clarification to the SECURITY.md file to make the instructions for reporting vulnerabilities easier to read.

[gemini-code-assist]

This CODEOWNERS file only specifies owners for the .github directory. To ensure all changes in the repository are reviewed, it's highly recommended to add a default owner for all files. For example, you could set the existing team as the default owner.

# Default owner for all files
* @googleworkspace/workspace-devrel-dpe

.github/ @googleworkspace/workspace-devrel-dpe

[gemini-code-assist]

This sentence is a bit hard to read due to a missing space and repetition of the link. Consider rephrasing for better clarity.

Suggested change

	To report a security issue, please use [https://g.co/vulnz](https://g.co/vulnz). We use
	[https://g.co/vulnz](https://g.co/vulnz) for our intake, and do coordination and disclosure here on
	To report a security issue, please use [https://g.co/vulnz](https://g.co/vulnz).
	We use this for our intake, and do coordination and disclosure here on